An amusing aside - the Microsoft hotfix for the recently publicised SNMP vulnerability didn't work. It's sorted now, but if you downloaded it straight away you'd best get back there and grab the updated version.
As IT Security Advisor for various financial institutions I can only say - "YES! GET SECURITY HOTFIXES ASAP!" So much of my work is purely due to sysadmins not installing patches or fixes. Usually the excuse is "Not enough time" but it's amazing how much more time you have when you aren't firefighting!

Try and persuade the sys admin to read anything on securityfocus.com. If they know anything about their network/systems they should get very scared.

If that doesn't work, get them to hire me or one of my colleagues at Ernst&Young to scare them - it's astonishing how easy it is to demonstrate instant access to a network which could be fixed (mostly) by a half hour's work.

(This isn't a self promotional post, honestly)